detect: rename whitelist to score

The term "whitelist" is actually used to store a list of DetectPort type
items for tcp and udp in detect.h. Using the same term for also keeping
the score that affects the grouping of rules is confusing. So, rename
the variable to "score".

doc/userguide/upgrade.rst

@@ -34,6 +34,10 @@ also check all the new features that have been added but are not covered by
 this guide. Those features are either not enabled by default or require
 dedicated new configuration.
 
+Upgrading 7.0 to 8.0
+--------------------
+.. note:: ``stats.whitelist`` has been renamed to ``stats.score`` in ``eve.json``
+
 Upgrading 6.0 to 7.0
 --------------------
 

src/detect-engine-build.c

@@ -877,7 +877,7 @@ static json_t *RulesGroupPrintSghStats(const DetectEngineCtx *de_ctx, const SigG
     }
     json_object_set_new(js, "stats", stats);
 
-    json_object_set_new(js, "whitelist", json_integer(sgh->init->whitelist));
+    json_object_set_new(js, "score", json_integer(sgh->init->score));
 
     return js;
 }
@@ -1147,7 +1147,7 @@ static int RuleSetWhitelist(Signature *s)
         }
     }
 
-    s->init_data->whitelist = wl;
+    s->init_data->score = wl;
     return wl;
 }
 
@@ -1198,7 +1198,7 @@ static DetectPort *RulesGroupByPorts(DetectEngineCtx *de_ctx, uint8_t ipproto, u
             goto next;
         }
 
-        int wl = s->init_data->whitelist;
+        int wl = s->init_data->score;
         while (p) {
             int pwl = PortIsWhitelisted(de_ctx, p, ipproto) ? 111 : 0;
             pwl = MAX(wl,pwl);
@@ -1206,12 +1206,12 @@ static DetectPort *RulesGroupByPorts(DetectEngineCtx *de_ctx, uint8_t ipproto, u
             DetectPort *lookup = DetectPortHashLookup(de_ctx, p);
             if (lookup) {
                 SigGroupHeadAppendSig(de_ctx, &lookup->sh, s);
-                lookup->sh->init->whitelist = MAX(lookup->sh->init->whitelist, pwl);
+                lookup->sh->init->score = MAX(lookup->sh->init->score, pwl);
             } else {
                 DetectPort *tmp2 = DetectPortCopySingle(de_ctx, p);
                 BUG_ON(tmp2 == NULL);
                 SigGroupHeadAppendSig(de_ctx, &tmp2->sh, s);
-                tmp2->sh->init->whitelist = pwl;
+                tmp2->sh->init->score = pwl;
                 DetectPortHashAdd(de_ctx, tmp2);
             }
 
@@ -1519,7 +1519,7 @@ error:
 
 static int PortGroupWhitelist(const DetectPort *a)
 {
-    return a->sh->init->whitelist;
+    return a->sh->init->score;
 }
 
 int CreateGroupedPortListCmpCnt(DetectPort *a, DetectPort *b)

src/detect-engine-siggroup.c

@@ -402,8 +402,8 @@ int SigGroupHeadCopySigs(DetectEngineCtx *de_ctx, SigGroupHead *src, SigGroupHea
     for (idx = 0; idx < src->init->sig_size; idx++)
         (*dst)->init->sig_array[idx] = (*dst)->init->sig_array[idx] | src->init->sig_array[idx];
 
-    if (src->init->whitelist)
+    if (src->init->score)
-        (*dst)->init->whitelist = MAX((*dst)->init->whitelist, src->init->whitelist);
+        (*dst)->init->score = MAX((*dst)->init->score, src->init->score);
 
     return 0;
 

src/detect.h

@@ -561,7 +561,7 @@ typedef struct SignatureInitData_ {
     /** score to influence rule grouping. A higher value leads to a higher
      *  likelihood of a rulegroup with this sig ending up as a contained
      *  group. */
-    int whitelist;
+    int score;
 
     /** address settings for this signature */
     const DetectAddressHead *src, *dst;
@@ -1413,7 +1413,7 @@ typedef struct SigGroupHeadInitData_ {
 
     uint8_t protos[256];    /**< proto(s) this sgh is for */
     uint32_t direction;     /**< set to SIG_FLAG_TOSERVER, SIG_FLAG_TOCLIENT or both */
-    int whitelist;          /**< try to make this group a unique one */
+    int score;              /**< try to make this group a unique one */
 
     MpmCtx **app_mpms;
     MpmCtx **pkt_mpms;